On Tue, 3 Dec 2002, Andre John Cruz wrote: > Sacha Chua said: > > "Andre John Cruz" <[EMAIL PROTECTED]> writes: > > > >> how could apache be more economical than IIS when in fact IIS is > >> already built into Windows NT/2000? this kind of reasoning doesn't > >> make sense (remember Microsoft's previous tagline "making it all make > >> sense"?) > > > > It's not just about the up-front price of the software but also about > > stability and security. =) > > there's also this recent study that claims windows has a better track > record on security than linux this year...that's really laughable :) if > they're just into counting security advisories, i can attribute that to two > things: > > 1) most of windows' holes were due to outlook and IE. i am not aware of any > advisories against products like microsoft's exchange mail server, biztalk > products, and sql server. anybody wonder why? :)
Actually there are, ehem, were security problems discovered on EXCH 5.5, and most notably there was a big fiasco when the patch released by MS actualy ruined the setups of most deployed systems. > 2) most of the linux security holes weren't really linux per se, but the > other open source tools commonly bundled with linux, like BIND (horror!!!) > and OpenSSH. but i think that the reason security holes are being found on > these products is because they're open source and many eyes are > scrutinizing them. bind and openssh are the most used applications in linux (count in apache, and sendmail so they are the ones targeted for attack simply because they are there \8) It's the same banana with windows, Outlook Exp and IE are the most common and therefore the most victimized. Let's just all agree that security is an ongoing activity rather than a one time setup, and no matter what technology one uses (open source or proprietary) the issues still exist and the practices to avoid them are similar. _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
